Copy link to clipboard
Copied
Hello,
It seems that something has changed recently with the Adobe Connect Webservices API. In the past, when I would call 'principal-update' to create or update a user, I would sanitize all my strings using urlencode() in PHP, which takes any non-alphanumeric characters (or dashes and underscores) and "percent encodes" them. For example, a "@" character in an email address becomes "%40".
This is important especially in the case that a string contains an ampersand (&) or question mark (?) since those characters are used to pass the parameters themselves in the URL string.
This has always worked fine until I noticed a few days ago it was no longer working.
If I attempt to create a user with an email address formatted with the "%40", Connect now comes back with an error message saying it wasn't formatted properly. Removing the encoding fixes the problem.
However, this is NOT best practice. And especially for passwords, which could theoretically contain ampersands and question marks, you cannot simply pass the raw string in the URL as it will create a malformed URL.
Has anyone noticed this, and does Adobe know about it? Seems like a major problem, and means I will have to prevent users from using these special characters in their passwords until this is fixed.
-Jeff
Copy link to clipboard
Copied
Jeff,
Thanks for the posting. I suggest you should call this into Support as a bug. It's possible that they changed something that affected this without seeing the ramifications.